What happened with Equifax…important insights on cyber attacks and other security breaches.
It’s Groundhog Day again.
Another day, another massive cyber security breach. With all the advancements made over the past two decades organizations still remain extremely vulnerable to cyber attacks and other security breaches. While some of this can be blamed on the perpetrators, business executives are not free from blame.
Small business owners and IT executives – and boards of directors – need to step up to their fiduciary responsibility and implement proactive and reactive methods for minimizing data risk exposures.
Equifax, one of the U.S.’s three biggest credit-reporting firms, announced it experienced a cybersecurity incident from mid-May to July that may have affected as many as 143 million consumers – half the U.S. population. The attackers gained access by exploiting a website vulnerability and were able to retrieve “certain files.”
Equifax claims its “core consumer and commercial credit reporting databases” were not accessed. Nonetheless, the cyber criminals acquired a treasure trove of information: names, addresses, birth dates, driver’s license numbers, and Social Security numbers in the mass attack plus credit card numbers from approximately 209,000 consumers and dispute documents with personal identifying information (PII) from another 182,000 consumers.
The breach, which was recently made public, was discovered on July 29th. This massive breach could easily be ranked as the largest one in history. It would be nice to think that this was an oddity but this seems to be an ongoing occurrence – only the corporate names and the volume of PII data change. A
week ago Verizon confirmed that 6 million of its customers had their PII leaked online and in June an analytics firm reported it had accidently exposed the PII data of nearly 200 million voters due to a misconfiguration of its AWS S3 storage.
The Big Picture
Only 21 percent of the small- to medium-sized businesses (SMBs) claim they are capable of managing IT security and protecting their firms against threats.
According to Verizon’s Data Breach Investigations Report in 60 percent of cases involving insider and privilege misuse, insiders leave with data in the hope of converting it into some form of monetary advantage. To make matters worse a survey of 500 IT decision makers by OneLogin found that 50 percent of ex-employees can still access corporate applications after they depart. 20 percent of the respondents report their failure to deprovision employees from corporate applications contributed to a data breach.
Almost half the surveyed IT executives claimed that more than 10 percent of all their data breaches were caused by departed employees. Furthermore 50 percent of the respondents either thought it took longer than a week to deprovision former employees or had no clue as to how long their access was active.
To all this we can add the cost of cybercrimes like the current ransomware incidents (where an attacker encrypts a computer or network until a ransom is paid). Kaspersky Lab estimates that a single incident can run a company more than $713,000 on average.
While the total cost is large, the average ransom demand is around $300. It is all the costs associated with the clean up, restoration of backups, and making sure the network is functioning correctly and is secure that pushes the costs up. Moreover for some it can also mean lost revenues or even lost lives.
Next page- How to Close the Barn Door